Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/84VqdGczguDl6qq4b9ciFD1K8w4.roa
File: 84VqdGczguDl6qq4b9ciFD1K8w4.roa (raw, json)
Hash identifier: bKDaSniB995Cg9D2Dtpq7Rs4lh8LVCV+vvOOYWpAdpE=
Subject key identifier: F3:85:6A:74:67:33:82:E0:E5:EA:AA:B8:6F:D7:22:14:3D:4A:F3:0E
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 0185DDAFB37971B22D7711616A7C5B12816B
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/84VqdGczguDl6qq4b9ciFD1K8w4.roa
Signing time: Mon 23 Jan 2023 08:12:37 +0000
ROA not before: Mon 23 Jan 2023 08:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201776
IP address blocks: 31.40.165.0/24 maxlen: 24
31.40.162.0/23 maxlen: 23
31.40.167.0/24 maxlen: 24
31.40.172.0/23 maxlen: 23
31.40.178.0/23 maxlen: 23
31.40.132.0/24 maxlen: 24
31.40.138.0/24 maxlen: 24
31.40.137.0/24 maxlen: 24
31.40.135.0/24 maxlen: 24
31.40.134.0/24 maxlen: 24
31.40.143.0/24 maxlen: 24
31.40.140.0/24 maxlen: 24
31.40.151.0/24 maxlen: 24
31.40.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:af:b3:79:71:b2:2d:77:11:61:6a:7c:5b:12:81:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 23 08:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3856a74673382e0e5eaaab86fd722143d4af30e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:79:fb:01:f0:46:06:a3:93:2c:2f:fb:35:c2:
6f:23:fd:b6:fd:8e:a7:21:2a:13:42:54:4d:02:99:
ff:a5:02:97:41:c8:42:2c:2f:06:2e:d6:d7:14:53:
2a:cf:dc:f3:ef:ab:fa:22:57:28:cb:e5:d8:17:1d:
34:3b:20:39:d4:d2:c5:cb:70:d9:e5:c7:56:db:d5:
06:1b:b0:b8:0e:4d:3a:76:cb:0e:1c:e8:07:98:71:
e9:a8:4a:f7:17:05:11:c7:24:e1:a6:37:91:58:85:
ca:f3:3a:47:03:b1:5f:47:e3:ff:84:06:30:1d:6a:
fc:21:63:fb:8a:13:a5:60:a1:50:94:bb:a2:6e:ae:
bd:09:bb:07:38:ad:4a:2a:e1:af:70:67:94:4a:3d:
7b:df:d6:6c:5b:b3:4a:60:61:87:d7:20:e9:17:74:
23:5b:1f:c4:51:36:a4:35:b8:d2:dc:5c:74:8c:92:
42:84:ae:4a:2b:94:81:8a:0a:c2:36:a8:0d:81:50:
bd:32:5b:c9:ea:a0:57:fa:ce:d4:55:bc:6a:47:8c:
70:26:bf:a0:3e:56:1f:e3:43:92:e8:ba:54:b8:fb:
77:84:2e:68:12:2c:59:7a:f9:e2:3b:36:48:b9:a0:
d4:1f:2c:39:be:7c:be:a7:79:ca:3d:c2:3c:dc:a1:
ed:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:85:6A:74:67:33:82:E0:E5:EA:AA:B8:6F:D7:22:14:3D:4A:F3:0E
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/84VqdGczguDl6qq4b9ciFD1K8w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.132.0/24
31.40.134.0/23
31.40.137.0-31.40.138.255
31.40.140.0/24
31.40.143.0/24
31.40.151.0/24
31.40.153.0/24
31.40.162.0/23
31.40.165.0/24
31.40.167.0/24
31.40.172.0/23
31.40.178.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:0b:f5:39:d2:62:bd:5d:23:57:56:85:4e:86:7a:fe:9c:fe:
8b:3c:31:28:65:66:bc:0b:69:8e:82:4d:c7:7f:a3:46:37:ce:
e9:a0:5a:09:85:51:78:15:44:59:eb:eb:82:87:0f:2d:b9:73:
4b:3f:0c:f6:09:0f:04:e3:59:57:31:ce:c6:79:bc:35:98:2d:
2f:11:c9:7c:ea:be:d8:2b:3a:2f:6c:ff:8c:b0:42:d2:87:1d:
db:ff:cc:b4:1a:97:2d:f4:41:5c:95:81:09:eb:dc:61:da:87:
7f:94:22:d4:52:eb:47:4c:77:8e:4a:c2:cf:0b:cf:a2:ce:92:
8b:00:1a:10:dc:9a:ed:d9:c9:68:a1:a8:3e:81:5d:0a:c0:d7:
38:b6:97:fb:b4:37:9b:9a:c1:a0:4d:f5:ef:6a:02:f1:e7:9c:
cc:e8:63:a7:05:59:e1:fd:1e:61:a0:d6:cd:4f:3f:5f:d5:9b:
b9:c4:99:32:6e:53:a3:6e:40:56:a2:d0:4e:f9:90:71:b2:cf:
93:22:f7:8d:57:7a:11:a0:6f:9a:6f:17:cf:32:66:b8:e1:0c:
68:f2:eb:b9:d1:56:c9:69:8f:d5:3d:1e:2c:d9:31:48:0a:6c:
08:c3:33:1a:0a:3d:f2:6e:7e:ba:8f:1a:02:f0:0a:dc:e8:58:
63:51:f0:a9
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYXdr7N5cbItdxFhanxbEoFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMTIzMDgxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzg1NmE3NDY3MzM4MmUwZTVlYWFhYjg2ZmQ3MjIxNDNkNGFmMzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnn7AfBGBqOTLC/7NcJvI/22/Y6n
ISoTQlRNApn/pQKXQchCLC8GLtbXFFMqz9zz76v6Ilcoy+XYFx00OyA51NLFy3DZ
5cdW29UGG7C4Dk06dssOHOgHmHHpqEr3FwURxyThpjeRWIXK8zpHA7FfR+P/hAYw
HWr8IWP7ihOlYKFQlLuibq69CbsHOK1KKuGvcGeUSj1739ZsW7NKYGGH1yDpF3Qj
Wx/EUTakNbjS3Fx0jJJChK5KK5SBigrCNqgNgVC9MlvJ6qBX+s7UVbxqR4xwJr+g
PlYf40OS6LpUuPt3hC5oEixZevniOzZIuaDUHyw5vny+p3nKPcI83KHtAwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFPOFanRnM4Lg5eqquG/XIhQ9SvMOMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvODRWcWRHY3pndURsNnFxNGI5Y2lGRDFLOHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAHyiEAwQB
HyiGMAwDBAAfKIkDBAAfKIoDBAAfKIwDBAAfKI8DBAAfKJcDBAAfKJkDBAEfKKID
BAAfKKUDBAAfKKcDBAEfKKwDBAEfKLIwDQYJKoZIhvcNAQELBQADggEBAA0L9TnS
Yr1dI1dWhU6Gev6c/os8MShlZrwLaY6CTcd/o0Y3zumgWgmFUXgVRFnr64KHDy25
c0s/DPYJDwTjWVcxzsZ5vDWYLS8RyXzqvtgrOi9s/4ywQtKHHdv/zLQaly30QVyV
gQnr3GHah3+UItRS60dMd45Kws8Lz6LOkosAGhDcmu3ZyWihqD6BXQrA1zi2l/u0
N5uawaBN9e9qAvHnnMzoY6cFWeH9HmGg1s1PP1/Vm7nEmTJuU6NuQFai0E75kHGy
z5Mi941XehGgb5pvF88yZrjhDGjy67nRVslpj9U9HizZMUgKbAjDMxoKPfJufrqP
GgLwCtzoWGNR8Kk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:19 2025 by rpki-client